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earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

Responsive to communication(s) filed on 13 October 2005 . 
2a)£3 This action is FINAL. 2b)D This action is non-final. 

3) Q Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-15 and 17-23 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) [E] Claim(s) 1-15 and 17-23 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) [3 The specification is objected to by the Examiner. 

10) Q The drawing(s) filed on is/are: a)0 accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
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DETAILED ACTION 



1. 



Claims 1-15 and 17-23 are pending. 



2. 



Amendment filed 10/13/2005 has been received and 



considered . 



Specification 



3. The amendment filed 10/13/2005 is objected to under 35 
U.S.C. 132(a) because it introduces new matter into the 
disclosure. 35 U.S.C. 132(a) states that no amendment shall 
introduce new matter into the disclosure of the invention. The 
added material which is not supported by the original disclosure 
is as follows: "entering into an isolated execution mode only if 
the file does not have a corresponding digital signature chain." 

Applicant is required to cancel the new matter in the reply 
to this Office Action. 



4. The following is a quotation of the first paragraph of 35 
U.S.C. 112: 

The specification shall contain a written description of the invention, and 
of the manner and process of making and using it, in such full, clear, 
concise, and exact terms as to enable any person skilled in the art to 
which it pertains, or with which it is most nearly connected, to make and 
use the same and shall set forth the best mode contemplated by the inventor 
of carrying out his invention. 



Claim Rejections - 35 USC §112 
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5. Claims 13-15, 17-23 are rejected under 35 U.S.C. 112, first 
paragraph, as failing to comply with the written description 
requirement. The claim (s) contains subject matter which was not 
described in the specification in such a way as to reasonably 
convey to one skilled in the relevant art that the inventor (s), 
at the time the application was filed, had possession of the 
claimed invention. The description of the situation when a 
digital signature chain is not present is described in lines 10- 
17 of page 17 of the specification; it no where states that the 
isolated execution mode could not be entered at any point before 
or after this situation- 



Claim Rejections - 35 USC §103 

6. The following is a quotation of 35 U.S.C. 103(a) which 
forms the basis for all obviousness rejections set forth in this 
Office action: 

(a) A patent may not be obtained though the invention is not identically 
disclosed or described as set forth in section 102 of this title, if the 
differences between the subject matter sought to be patented and the prior 
art are such that the subject matter as a whole would have been obvious at 
the time the invention was made to a person having ordinary skill in the 
art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 

7. Claims 13-15, and 18 are rejected under 35 U.S.C. 103(a) as 



being unpatentable over Waldin et al (U.S. 6,094,731) further in 
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view of Menezes et al (''Handbook of Applied Cryptography") and 
further in view of Chang et al (US 5724425) . 

As per claim 13, Waldin et al discloses a method: entering 
into isolated execution mode only if the file does not have a 
corresponding digital signature chain; analyzing an integrity of 
the file during the isolated execution mode; and issuing the 
digital signature chain if the file has an acceptable file 
integrity during the isolated execution mode (see Waldin et al 
column 6 lines 18-65) and verifying the digital signature chain 
of the file by determining whether the file has an acceptable 
file integrity, and whether each signatory providing the digital 
signature chain is authorized (see column 6 lines 18-65) . 

Waldin et al fails to disclose determining whether a 
digital signature chain accompanies a file to be accessed and 
the digital signature chain (Waldin et al discloses a hash 
chain) . 

However, Chang et al teaches determining whether a digital 
signature chain accompanies a file to be accessed (see column 3 
lines 38-45) and Menezes et al teaches a digital signature from 
a hash (see page 452-454). 

At the time of the invention it would have been obvious to 
a person of ordinary skill in the art to use Chang et al's 
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determination and Menezes et al's method of digital signature 
creation for the hash chain of Waldin et al's system. 

Motivation to do so would have been to determine the 
validity of received data (see Chang et al lines 38-45) and to 
allow for authentication, authorization and non-repudiation of 
information (see Menezes et al page 22). 

As per claim 14, the modified Waldin et al, Menezes et al 
and Chang et al system discloses precluding access to the file 
if the file has unacceptable file integrity (see Waldin et al 
column 6 lines 18-65) . 

As per claim 15, the modified Waldin et al, Menezes et al 
and Chang et al system discloses precluding access to the file 
if at least one signatory of the digital signature chain is 
unauthorized (see Waldin et al column 6 lines 18-65) . 

As per claim 18, the modified Waldin et al, Menezes et al 
and Chang et al system discloses opening the file if the 
verified digital signature chain indicates acceptable file 
integrity (see Waldin et al column 6 lines 18-65); and refusing 
to open the if the verified digital signature chain indicates 
unacceptable file integrity (see Waldin et al column 4 lines 45- 
62) . 
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8. Claims 1-4, 9-12 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Waldin et al, further in view of Menezes 
et al and further in view of Garney (US 5386552). 

As per claim 1, Waldin et al discloses a platform 
comprising: a processor (see figure 1 #9); and a memory coupled 
to and physically separate from the processor, the memory 
including an isolated memory area containing a file checker 
executable by the processor, the file checker including a file 
analyzer to perform a scan operation on a file to produce a 
scanning result and a signature generator to produce a signature 
chain including a digital signature having the scanning result 
and a version number of the file analyzer (see column 4 lines 
45-62) . 

Waldin et al fails to disclose the digital signature chain 
(Waldin et al discloses a hash chain) and a portion of the 
memory accessible by the processor only when the processor is 
operating in an isolated execution mode. 

However, Menezes et al teaches a digital signature from a 
hash (see page 452-454) and Garney teaches the use of isolated 
memory (see column 2 lines 64-68 and column 3 lines 46-52). 

At the time of the invention it would have been obvious to 
a person of ordinary skill in the art to use Menezes et al's 
method of digital signature creation for the hash chain of 
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Waldin et al's system and to use Garney' s isolated memory to 
store the file checker and signature generator. 

Motivation to do so would have been to allow for 
authentication, authorization and non-repudiation of information 
(see Menezes et al page 22) to allow the system to handle 
interrupts from different devices (see Garney column 3 lines 35- 
45) . 

As per claim 2, the modified Waldin et al, Menezes et al 
and Garney system disclose the scan operation by the file 
checker is a virus detection function (see Waldin et al column 4 
lines 48-49) . 

As per claim 3, the modified Waldin et al, Menezes et al 
and Garney system disclose the incoming file is prevented from 
being executed if the verified digital signature chain indicated 
an unacceptable file integrity (see Waldin et al column 6 lines 
18-65) . 

As per claim 4, the modified Waldin et al, Menezes et al 
and Garney system disclose the incoming file is accessed if the 
verified digital signature chain indicates acceptable file 
integrity (see Waldin et al column 6 lines 18-65) . 

As per claim 9, the modified Waldin et al, Menezes et al 
and Garney system disclose the file analyzer is a virus 
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detector, an intrusion detector, or a file integrity checker 
(see column 4 lines 48-49). 

As per claim 10, the modified Waldin et al, Menezes et al 
and Garney system discloses the signature generator comprises an 
encryptor to encrypt the scanning result using a signature key 
(see Menezes et al pages 452-454); and a time stamper coupled to 
the encryptor to timestamp the encrypted result using a time 
indicator, the time stamped encrypted result corresponds to the 
digital signature (see Waldin et al column 4 line 63 through 
column 5 line 50) . 

As per claim 11, the modified Waldin et al, Menezes et al 
and Garney system discloses the time indicator is one of a 
calendar time and a version identifier of the scanner (see 
Waldin et al column 4 lines 63-67). 

As per claim 12, the modified Waldin et al, Menezes et al 
and Garney system discloses the file is code (see Waldin et al 
column 3 lines 5-20) . 

9. Claims 5 and 8 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over the modified Waldin et al, Menezes et al and 
Garney system as applied to claim 5 above, and further in view 
of Swaney et al (U.S. 4,488,232). 

As per claim 5, the modified Waldin et al, Menezes et al 
and Garney system discloses a first control unit coupled to both 
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the processor and the memory (see Waldin et al column 4 lines 
45-62); but fails to disclose a second control unit coupled to 
the first control unit and a token bus interface. 

However Swaney et al teaches a token bus interface (see 
column 8 lines 9-27 where it is inherent the system with a token 
bus interface must have a second control unit coupled with the 
first control unit to allow for the output of the file via the 
token bus interface) . 

At the time of the invention it would have been obvious to 
a person of ordinary skill in the art to use Swaney et al's 
token bus interface within the modified system of Waldin et al 
and Menezes et al. 

Motivation to do so would have been to allow for the 
systems to use a token bus to transfer the data (see Swaney et 
al column 1 lines 10-14). 

As per claim 8, the modified Waldin et al, Menezes et al, 
and Swaney et al system discloses input/output devices coupled 
to the second control unit (see column 8 lines 9-27). 
10. Claim 17 is rejected under 35 U.S.C. 103(a) as being 
unpatentable over the modified Waldin et al, Menezes et al, and 
Chang et al system as applied to claim 13 above, and further in 
view of Hewlett-Packard Co. (EP 1030237). 
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As per claim 17, the modified Waldin et al and Menezes et 
al system fails to disclose issuing the digital signature chain 
with an indication that the file integrity is unacceptable if 
the integrity of the file is analyzed and determined to be 
unacceptable. 

However, Hewlett-Packard Co. discloses such an indication 
(see column 6 lines 33-36) . 

At the time of the invention it would have been obvious to 
a person of ordinary skill in the art to use Hewlett-Packard 
Co.'s indication in the modified Waldin et al and Menezes et al 
system. 

Motivation to do so would have been to determine when a 
file is being access (see Hewlett-Packard Co column 7 lines 1- 
8) . 

11. Claims 19-23 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over the modified Waldin et al, Menezes et al, and 
Chang et al system as applied to claim 13 above, and further in 
view of Garney. 

As per claim 19, the modified Waldin et al, Menezes et al, 
and Chang et al system discloses code for determining whether a 
digital signature- chain accompanies a file to be accessed; 
entering into isolated execution mode only if the file does not 
have a corresponding digital signature chain; analyzing an 
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integrity of the file during the isolated execution mode; and 
issuing the digital signature chain if the file has an 
acceptable file integrity during the isolated execution mode 
(see Waldin et al column 6 lines 18-65) and verifying the 
digital signature chain of the file by determining whether the 
file has an acceptable file integrity, and whether each 
signatory providing the digital signature chain is authorized 
(see column 6 lines 18-65) . 

Waldin et al, Menezes et al, and Chang et al system fails 
to disclose the code being stored in a portion of the memory 
accessible by the processor only when the processor is operating 
in an isolated execution mode. 

However, Garney teaches the use of isolated memory (see 
column 2 lines 64-68 and column 3 lines 46-52). 

At the time of the invention it would have been obvious to 
a person of ordinary skill in the art to use Garney' s isolated 
memory to store the code for the file checker and signature 
generator . 

Motivation to do so would have been to allow the system to 
handle interrupts from different devices (see Garney column 3 
lines 35-45) . 

As per claim 20, the modified Waldin et al, Menezes et al, 
and Chang et al system discloses precluding access to the file 
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if the file has unacceptable file integrity (see Waldin et al 
column 6 lines 18-65) . 

As per claim 21, the modified Waldin et al, Menezes et al, 
and Chang et al system discloses precluding access to the file 
if at least one signatory of the digital signature chain is 
unauthorized (see Waldin et al column 6 lines 18-65) . 

As per claims 22-23, the modified Waldin et al, Menezes et 
al, and Chang et al system discloses providing a time stamp and 
version number of the code for determining whether the digital 
signature chain accompanies the file to be accessed (see Waldin 
et al column 6 lines 18-65 and figures 4 and 5) . 
12. Claim 6 is rejected under 35 U.S.C. 103(a) as being 
unpatentable over the modified Waldin et al, Menezes et al and 
Carney system as applied to claim 1 above, and further in view 
of Mattison (US 5778070) . 

As per claim 6, the modified Waldin et al, Menezes et al 
and Garney system fails to disclose different public and private 
signatory keys are used for different versions of the file 
analyzer . 

However, Mattison teaches using different keys for 
different versions (see column 3 line 58 through column 4 line 
7) . 
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At the time of the invention it would have been obvious to 
a person of ordinary skill in the art to using different keys 
for different versions of the file analyzer of the modified 
Waldin et al, Menezes et al and Garney system. 

Motivation to do so would have been to ensure that any 
previous version of the program could be updated without going 
through all revisions in between (see column 3 line 58 through 
column 4 line 7 ) . 

13. Claim 7 is rejected under 35 U.S.C. 103(a) as being 
unpatentable over the modified Waldin et al, Menezes et al and 
Garney system as applied to claim 1 above, and further in view 
of Spear (US 6611925) . 

As per claim 7, the modified Waldin et al, Menezes et al 
and Garney system fails to disclose the file analyzer can 
further issue multiple digital certificates with different 
varying expiration dates. 

However, Spear teaches a file analyzer issuing digital 
certificates (see Abstract) . 

At the time of the invention it would have been obvious to 
a person of ordinary skill in the art for the analyzer of the 
modified Waldin et al, Menezes et al and Garney system to issue 
certificates . 
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Motivation to do so would have been to certify the scanned 
data is free of malicious code (see Abstract) . 

The modified Waldin et al, Menezes et al, Garney, and Spear 
system fails to disclose that the digital certificates of 
different varying expiration dates. However Official Notice is 
taken that at the time of the invention it would have been 
obvious to a person of ordinary skill in the art for digital 
certificates to have different varying expiration dates. 

Motivation to do so would have been that different 
information is valid for different periods of time. 

Response to Arguments 

Applicant's arguments filed 10/13/2005 have been fully 
considered but they are not persuasive. Applicant argues: in 
claims 13 and 19 the modified Waldin, Menezes, and Chang (and 
Garney) system fails to disclose entering into an isolated 
execution mode only if the file does not have a corresponding 
digital signature chain; the modified Waldin, Menezes, and 
Garney system fails to disclose the memory is physically 
separate from the processor; the cited time indicator does not 
provide information regarding the recentness of the scan 
operation; and HP fails to teach a digital signature chain that 
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is issued with an indication that the file integrity is 
unacceptable . 

Regarding Applicant's argument that the modified Waldin, 
Menezes, and Chang (and Garney) system fails to disclose 
entering into an isolated execution mode only if the file does 
not have a corresponding digital signature chain, as disclosed 
in column 6 of Waldin (as modified) when step 1 passes without 
entering the scanning module then it will enter the scanning 
module only when the digital signature fails which is when it is 
not present. 

Regarding Applicant's argument that the modified Waldin, 
Menezes, and Garney system fails to disclose the memory is 
physically separate from the processor, Applicant is directed to 
figure 1 numbers 9 and 10 which shows the processor and memory 
being physically separate. 

Regarding Applicant's argument that the cited time 
indicator does not provide information regarding the recentness 
of the scan operation, in column 4 lines 63-67 of Waldin the 
date when the virus definitions were updated and the version 
number of the scanner are added, these both provide information 
regarding the recentness of the scan operation. 

Regarding Applicant's argument that HP fails to teach a 
digital signature chain that is issued with an indication that 
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the file integrity is unacceptable, HP is relied upon for its 
teaching of indicating lack of integrity which is applied to the 
digital signature of the modified system of Waldin and Menezes. 

Conclusion 

14. THIS ACTION IS MADE FINAL. Applicant is reminded of the 
extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action 
is set to expire THREE MONTHS from the mailing date of this 
action. In the event a first reply is filed within TWO MONTHS 
of the mailing date of this final action and the advisory action 
is not mailed until after the end of the THREE-MONTH shortened 
statutory period, then the shortened statutory period will 
expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated 
from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than 
SIX MONTHS from the mailing date of this final action. 

15. The prior art made of record and not relied upon is 
considered pertinent to applicant's disclosure. Muhlestein (US 
20020103783) teaches attaching a timestamp to a file after it 
was scanned for a virus. 
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Any inquiry concerning this communication or earlier 
communications from the examiner should be directed to Michael 
Pyzocha whose telephone number is (571) 272-3875. The examiner 
can normally be reached on 7:00am - 4:30pm first Fridays of the 
bi-week off. 

If attempts to reach the examiner by telephone are 
unsuccessful, the examiner's supervisor, Emmanuel Moise can be 
reached on (571) 272-3865. The fax phone number for the 
organization where this application or proceeding is assigned is 
703-872-9306. 

Information regarding the status of an application may be 
obtained from the Patent Application Information Retrieval 
(PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, 
see http://pair-direct.uspto.gov. Should you have questions on 
access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free) . 



MJP 
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SUPERVISORY PATENT EXAMINER 




